Details of VAR-202103-0778

ID

VAR-202103-0778

CVE

CVE-2021-1442

TITLE

Cisco IOS XE Vulnerability related to information disclosure from log files

Trust: 0.8

sources: JVNDB: JVNDB-2021-004761

DESCRIPTION

A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of sensitive information. An attacker with low privileges could exploit this vulnerability by issuing the diagnostic CLI show pnp profile when a specific PnP listener is enabled on the device. A successful exploit could allow the attacker to obtain a privileged authentication token. This token can be used to send crafted PnP messages and execute privileged commands on the targeted system. Cisco IOS XE Exists in a vulnerability related to information leakage from log files.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Cisco IOS XE Software is an operating system of Cisco (Cisco). A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity

Trust: 2.34

sources: NVD: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374496 // VULMON: CVE-2021-1442

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.8sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1y	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.7a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.9s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.2ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1csp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4es	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.5sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.10e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0ce	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1f	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.9e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.4c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.6e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1bsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.7e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.10s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1r	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1gsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4gs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1g	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1isp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.10e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.1ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.7sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.11	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.9s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.10s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.8asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.9ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.5ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.10	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1hsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3bsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.8e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1v	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.6sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1z	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.9	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.8e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3h	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.10as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.9e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4ds	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.5f	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.6e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.1	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-004761 // NVD: CVE-2021-1442

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1442
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1442
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-1442
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202103-1392
value:	HIGH
Trust: 0.6
VULHUB:	VHN-374496
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-1442
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-1442
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-374496
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1442
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1442
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2021-1442
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-374496 // VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1392 // NVD: CVE-2021-1442 // NVD: CVE-2021-1442

PROBLEMTYPE DATA

problemtype:	CWE-532	Trust: 1.1
problemtype:	Information leakage from log files (CWE-532) [ Other ]	Trust: 0.8

sources: VULHUB: VHN-374496 // JVNDB: JVNDB-2021-004761 // NVD: CVE-2021-1442

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202103-1392

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL	Trust: 0.8
title:	Cisco IOS XE Software Repair measures for log information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145535	Trust: 0.6
title:	Cisco: Cisco IOS XE Software Plug-and-Play Privilege Escalation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL	Trust: 0.1

sources: VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202103-1392

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1442	Trust: 2.6
db:	JVN	id:	JVNVU99743643	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-004761	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021042150	Trust: 0.6
db:	CNNVD	id:	CNNVD-202103-1392	Trust: 0.6
db:	VULHUB	id:	VHN-374496	Trust: 0.1
db:	VULMON	id:	CVE-2021-1442	Trust: 0.1

sources: VULHUB: VHN-374496 // VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1392 // NVD: CVE-2021-1442

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ios-xe-pnp-priv-esc-amg3kuvl	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1442	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu99743643/index.html	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-ios-ios-xe-multiple-vulnerabilities-34940	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042150	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/532.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/198741	Trust: 0.1

sources: VULHUB: VHN-374496 // VULMON: CVE-2021-1442 // JVNDB: JVNDB-2021-004761 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202103-1392 // NVD: CVE-2021-1442

SOURCES

db:	VULHUB	id:	VHN-374496
db:	VULMON	id:	CVE-2021-1442
db:	JVNDB	id:	JVNDB-2021-004761
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202103-1392
db:	NVD	id:	CVE-2021-1442

LAST UPDATE DATE

2024-08-14T12:06:11.339000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-374496	date:	2021-03-30T00:00:00
db:	VULMON	id:	CVE-2021-1442	date:	2021-03-30T00:00:00
db:	JVNDB	id:	JVNDB-2021-004761	date:	2021-11-29T09:16:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202103-1392	date:	2021-04-22T00:00:00
db:	NVD	id:	CVE-2021-1442	date:	2021-03-30T18:24:08.240

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-374496	date:	2021-03-24T00:00:00
db:	VULMON	id:	CVE-2021-1442	date:	2021-03-24T00:00:00
db:	JVNDB	id:	JVNDB-2021-004761	date:	2021-11-29T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202103-1392	date:	2021-03-24T00:00:00
db:	NVD	id:	CVE-2021-1442	date:	2021-03-24T20:15:15.133